Skip to main content
Palyra is a high-level AI agent orchestration platform designed for secure, auditable, and extensible interactions between Large Language Models (LLMs) and local or remote environments. The system is built as a modular monorepo, prioritizing a “fail-closed” security model, human-in-the-loop approvals, and a robust plugin architecture. The platform’s primary goal is to provide a unified gateway where agents can execute tools (skills), manage long-term memory, and interact with users across multiple channels (Web, Discord, CLI) while maintaining strict governance over secrets and system resources.

System Architecture

The Palyra ecosystem consists of several specialized daemons and client applications that communicate via gRPC and REST APIs. At the center is palyrad, which orchestrates the lifecycle of agent “runs” and enforces security policies.

High-Level Component Interaction

The following diagram illustrates how the core daemons and user interfaces interact. Diagram: System Component Map Sources: crates/palyra-daemon/Cargo.toml:1-55(), apps/desktop/README.md:17-39(), apps/web/README.md:6-26()

Major Components

ComponentCode Entity / BinaryDescription
Core DaemonpalyradThe central orchestrator. Manages sessions, tool execution, and the security policy engine. crates/palyra-daemon/src/bin/palyrad.rs#9-10
Browser Daemonpalyra-browserdA headless browser controller providing automation capabilities (Click, Type, Screenshot) to agents. crates/palyra-browserd/Cargo.toml#2
CLI ToolpalyraThe primary operator interface for configuration, manual overrides, and TUI-based interaction. crates/palyra-cli/src/bin/palyra.rs#9-10
Desktop Apppalyra-desktopA Tauri-based supervisor that manages the lifecycle of palyrad and palyra-browserd. apps/desktop/README.md#1-5
Web Consoleapps/webA React dashboard for monitoring agent runs, managing memory, and granting approvals. apps/web/README.md#1-4

Code-to-System Mapping

Palyra bridges high-level agent concepts (like “Skills” or “Sessions”) with specific Rust crates and Protobuf definitions. Diagram: Entity Mapping Sources: Cargo.toml:1-21(), crates/palyra-daemon/build.rs:7-14(), crates/palyra-cli/build.rs:7-14()

Key Subsystems

  • Gateway and Session Orchestration: Handles the RunStateMachine, processing inbound messages from channels and routing them through the LLM. For details, see Gateway and Session Orchestration.
  • Security and Policy Engine: Uses the Cedar policy language to evaluate whether a tool call or secret access is permitted. For details, see Security Architecture.
  • Skills and Plugin System: Executes tools in isolated WASM sandboxes using wasmtime. For details, see Skills and Plugin System.
  • Channel Connectors: Adapters for external platforms like Discord and Slack. For details, see Channel Connectors.
  • Browser Automation: A dedicated service for agent-driven web navigation. For details, see Browser Automation (palyra-browserd).

Repository and Workspace

The Palyra monorepo is organized as a Cargo workspace containing 18 internal crates and several application directories.
  • Crates: Found in crates/, these provide modular logic for auth, identity, transport, and more. Cargo.toml#2-21
  • Apps: Found in apps/, containing the Web, Desktop (Tauri), and Browser Extension frontends. apps/desktop/README.md#1-5
  • Schemas: Found in schemas/proto/, defining the gRPC and Protobuf contracts that ensure type safety across Rust, Kotlin, and Swift. crates/palyra-daemon/build.rs#7-14
For a deep dive into how these files are organized, see Repository Structure and Workspace Layout.

Development and Setup

Palyra uses a custom toolchain and bootstrap process to ensure consistent environments across Linux, macOS, and Windows. Developers primarily interact with the system via just or make targets and the palyra doctor diagnostic command. For instructions on setting up your local environment, see Getting Started and Developer Workflow. Sources: Cargo.toml:1-84(), apps/desktop/README.md:102-158(), apps/web/README.md:43-59()

Child Pages